package com.test.platform.config;

import com.test.platform.module.system.oauth2.OAuth2Filter;
import com.test.platform.module.system.oauth2.OAuth2Realm;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import javax.servlet.Filter;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;

@Configuration
public class ShiroConfig {

	@Bean("securityManager")
	public SecurityManager securityManager(OAuth2Realm oAuth2Realm) {
		DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
		securityManager.setRealm(oAuth2Realm);
		securityManager.setRememberMeManager(null);
		return securityManager;
	}

	@Bean("shiroFilter")
	public ShiroFilterFactoryBean shirFilter(SecurityManager securityManager) {
		ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
		shiroFilter.setSecurityManager(securityManager);

		// oauth过滤
		Map<String, Filter> filters = new HashMap<>();
		filters.put("oauth2", new OAuth2Filter());
		shiroFilter.setFilters(filters);

		Map<String, String> filterMap = new LinkedHashMap<>();

		// 用户登录注册不需要token
		filterMap.put("/system/user/login", "anon");
		filterMap.put("/system/user/add", "anon");

		// todo 待定
		filterMap.put("/perf/report/finish", "anon");
		filterMap.put("/perf/resource/upload/process", "anon");
		filterMap.put("/perf/agent/reflush", "anon");
		filterMap.put("/autotest/case/upload/resultAndLog", "anon");
		filterMap.put("/file/**", "anon");

		// swagger页面不需要token
		filterMap.put("/swagger-ui.html", "anon");
		filterMap.put("/webjars/**", "anon");
		filterMap.put("/swagger-resources/**", "anon");
		filterMap.put("/v2/api-docs", "anon");
		filterMap.put("/csrf", "anon");
		// swagger-mg-ui
		filterMap.put("/document.html", "anon");
		filterMap.put("/swagger-mg-ui/**", "anon");
		// swagger-ui-layer
		filterMap.put("/docs.html", "anon");
        // swagger-bootstrap-ui
		filterMap.put("/doc.html", "anon");

		// 静态资源不需要token
		filterMap.put("/", "anon");
		filterMap.put("/index.html", "anon");
		filterMap.put("/css/**", "anon");
		filterMap.put("/js/**", "anon");
		filterMap.put("/fonts/**", "anon");
		filterMap.put("/img/**", "anon");
		filterMap.put("/favicon.ico", "anon");

		// 执行机使用到的接口
		filterMap.put("/autotest/case/batchSetResultByCaseNums", "anon");
		filterMap.put("/autotest/case/setAuto", "anon");
		filterMap.put("/autotest/task/updateStatus", "anon");

		// 其他的都需要
		filterMap.put("/**", "oauth2");
		shiroFilter.setFilterChainDefinitionMap(filterMap);

		return shiroFilter;
	}

	@Bean("lifecycleBeanPostProcessor")
	public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
		return new LifecycleBeanPostProcessor();
	}

	@Bean
	public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
		AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
		advisor.setSecurityManager(securityManager);
		return advisor;
	}

}
